Apple plugs dozens of security flaws with newest version of Safari web browser

Safari version 5.1 is included in the new OS X Lion operating system and available for Snow Leopard, and Safari version 5.0.6 is available for Leopard. The Safari updates are also available for Windows XP SP2, Windows Vista, and Windows 7.

Safari 5.1 and 5.0.6 include fixes for 58 security flaws, including several critical flaws in WebKit that could be exploited for application termination or arbitrary code execution.

The Safari update also offers new privacy and security features, including a new privacy pane that enables users to manage settings for local shared objects (LSOs), known as Flash cookies.

On the Lion operating system, the browser supports sandboxing, which prevents web sites from using exploits to access a user’s system. “If a website contains malicious code intended to capture personal data or take control of your computer, sandboxing automatically blocks it to keep your computer and your information safe”, Apple explained.

In addition, Safari is able to detect a web form that has autofill and enables the user to choose whether to use it to complete the form with information from the user’s address book. “No information is ever added to a form automatically unless you say it’s OK”, Apple said.
 

What’s Hot on Infosecurity Magazine?